With --enable-gpg the keyservers are now build and a first test using gpg2

shows no prblems. Needs more testing of course.
2025-07-02 22:46:30 +02:00 · 2006-08-16 10:47:53 +00:00 · 2006-08-16 10:47:53 +00:00 · b744f963d7
commit b744f963d7
parent 5be40e9fad
36 changed files with 952 additions and 372 deletions
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@ -1,3 +1,21 @@
+2006-08-16  Werner Koch  <wk@g10code.com>
+
+	* keyserver.c (GPGKEYS_PREFIX): Rename to gpg2keys_.  This is so
+	that we can install helpers from 1.4 and 2 without conflicts and
+	first of all don't get lost with weird bug reports.
+
+	* keyid.c (serialno_and_fpr_from_sk): New. Actually lost during
+	the last 1.4 to 1.9 merge.
+
+	* gpg.c (list_config): Output ccid-reader-id only for gnupg 1.
+
+	* call-agent.c (agent_scd_writekey): New.
+	(inq_writekey_parms): New.
+
+	* gpgv.c: Include call-agent.h for use by stubs.
+
+	* misc.c: Include call-agent.h for use by get_signature_count.
+
 2006-07-27  Werner Koch  <wk@g10code.com>

 	* parse-packet.c (parse_comment): Cap comments at 65k.
--- a/g10/Makefile.am
+++ b/g10/Makefile.am
@ -108,7 +108,8 @@ gpgv2_SOURCES = gpgv.c           \
 #	       ks-db.h \
 #	       $(common_source)

-LDADD =  $(needed_libs) $(ZLIBS) @LIBINTL@ @CAPLIBS@ @W32LIBS@ 
+LDADD =  $(needed_libs) $(ZLIBS) $(DNSLIBS) $(LIBREADLINE) \
+         $(LIBINTL) $(CAPLIBS) $(W32LIBS)
 gpg2_LDADD = $(LIBGCRYPT_LIBS) $(LDADD) -lassuan -lgpg-error
 gpgv2_LDADD = $(LIBGCRYPT_LIBS) $(LDADD) -lassuan -lgpg-error

--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@ -1,5 +1,5 @@
 /* call-agent.c - divert operations to the agent
- *	Copyright (C) 2001, 2002, 2003 Free Software Foundation, Inc.
+ * Copyright (C) 2001, 2002, 2003, 2006 Free Software Foundation, Inc.
 *
 * This file is part of GnuPG.
 *
@ -47,17 +47,26 @@
 # define DBG_ASSUAN 1
 #endif

-static ASSUAN_CONTEXT agent_ctx = NULL;
+static assuan_context_t agent_ctx = NULL;
 static int force_pipe_server = 1; /* FIXME: set this back to 0. */

-struct cipher_parm_s {
-  ASSUAN_CONTEXT ctx;
+struct cipher_parm_s 
+{
+  assuan_context_t ctx;
  const char *ciphertext;
  size_t ciphertextlen;
 };

-struct genkey_parm_s {
-  ASSUAN_CONTEXT ctx;
+struct writekey_parm_s
+{
+  assuan_context_t ctx;
+  const unsigned char *keydata;
+  size_t keydatalen;
+};
+
+struct genkey_parm_s 
+{
+  assuan_context_t ctx;
  const char *sexp;
  size_t sexplen;
 };
@ -672,6 +681,48 @@ agent_scd_setattr (const char *name,
  return map_assuan_err (rc);
 }

+
+
+/* Handle a KEYDATA inquiry.  Note, we only send the data,
+   assuan_transact takes care of flushing and writing the end */
+static assuan_error_t
+inq_writekey_parms (void *opaque, const char *keyword)
+{
+  struct writekey_parm_s *parm = opaque; 
+
+  return assuan_send_data (parm->ctx, parm->keydata, parm->keydatalen);
+}
+
+
+/* Send a WRITEKEY command to the SCdaemon. */
+int 
+agent_scd_writekey (int keyno, const char *serialno,
+                    const unsigned char *keydata, size_t keydatalen)
+{
+  int rc;
+  char line[ASSUAN_LINELENGTH];
+  struct writekey_parm_s parms;
+
+  rc = start_agent ();
+  if (rc)
+    return rc;
+
+  memset (&parms, 0, sizeof parms);
+
+  snprintf (line, DIM(line)-1, "SCD WRITEKEY --force OPENPGP.%d", keyno);
+  line[DIM(line)-1] = 0;
+  parms.ctx = agent_ctx;
+  parms.keydata = keydata;
+  parms.keydatalen = keydatalen;
+  
+  rc = assuan_transact (agent_ctx, line, NULL, NULL,
+                        inq_writekey_parms, &parms, NULL, NULL);
+
+  return map_assuan_err (rc);
+}
+
+
+

 /* Status callback for the SCD GENKEY command. */
 static AssuanError
@ -765,7 +816,7 @@ membuf_data_cb (void *opaque, const void *buffer, size_t length)
 int
 agent_scd_pksign (const char *serialno, int hashalgo,
                  const unsigned char *indata, size_t indatalen,
-                  char **r_buf, size_t *r_buflen)
+                  unsigned char **r_buf, size_t *r_buflen)
 {
  int rc, i;
  char *p, line[ASSUAN_LINELENGTH];
@ -822,7 +873,7 @@ agent_scd_pksign (const char *serialno, int hashalgo,
 int
 agent_scd_pkdecrypt (const char *serialno,
                     const unsigned char *indata, size_t indatalen,
-                     char **r_buf, size_t *r_buflen)
+                     unsigned char **r_buf, size_t *r_buflen)
 {
  int rc, i;
  char *p, line[ASSUAN_LINELENGTH];
--- a/g10/call-agent.h
+++ b/g10/call-agent.h
@ -82,6 +82,10 @@ int agent_scd_setattr (const char *name,
                       const unsigned char *value, size_t valuelen,
                       const char *serialno);

+/* Send a WRITEKEY command to the SCdaemon. */
+int agent_scd_writekey (int keyno, const char *serialno,
+                        const unsigned char *keydata, size_t keydatalen);
+
 /* Send a GENKEY command to the SCdaemon. */
 int agent_scd_genkey (struct agent_card_genkey_s *info, int keyno, int force,
                      const char *serialno);
@ -89,12 +93,12 @@ int agent_scd_genkey (struct agent_card_genkey_s *info, int keyno, int force,
 /* Send a PKSIGN command to the SCdaemon. */
 int agent_scd_pksign (const char *keyid, int hashalgo,
                      const unsigned char *indata, size_t indatalen,
-                      char **r_buf, size_t *r_buflen);
+                      unsigned char **r_buf, size_t *r_buflen);

 /* Send a PKDECRYPT command to the SCdaemon. */
 int agent_scd_pkdecrypt (const char *serialno,
                         const unsigned char *indata, size_t indatalen,
-                         char **r_buf, size_t *r_buflen);
+                         unsigned char **r_buf, size_t *r_buflen);

 /* Change the PIN of an OpenPGP card or reset the retry counter. */
 int agent_scd_change_pin (int chvno, const char *serialno);
--- a/g10/gpg.c
+++ b/g10/gpg.c
@ -1434,7 +1434,9 @@ list_config(char *items)

      if(show_all || ascii_strcasecmp(name,"ccid-reader-id")==0)
 	{
-#if defined(ENABLE_CARD_SUPPORT) && defined(HAVE_LIBUSB)
+#if defined(ENABLE_CARD_SUPPORT) && defined(HAVE_LIBUSB) \
+    && GNUPG_MAJOR_VERSION == 1
+
          char *p, *p2, *list = ccid_get_reader_list ();

          for (p=list; p && (p2 = strchr (p, '\n')); p = p2+1)
@ -3871,10 +3873,6 @@ emergency_cleanup (void)
 void
 g10_exit( int rc )
 {
-#ifdef ENABLE_CARD_SUPPORT
-  card_close ();
-#endif
-
  gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE);
  if ( (opt.debug & DBG_MEMSTAT_VALUE) )
    {
--- a/g10/gpgv.c
+++ b/g10/gpgv.c
@ -49,6 +49,7 @@
 #include "ttyio.h"
 #include "i18n.h"
 #include "status.h"
+#include "call-agent.h"


 enum cmd_and_opt_values { aNull = 0,
--- a/g10/keydb.h
+++ b/g10/keydb.h
@ -292,6 +292,8 @@ const char *colon_datestr_from_sig (PKT_signature *sig);
 const char *colon_expirestr_from_sig (PKT_signature *sig);
 byte *fingerprint_from_sk( PKT_secret_key *sk, byte *buf, size_t *ret_len );
 byte *fingerprint_from_pk( PKT_public_key *pk, byte *buf, size_t *ret_len );
+char *serialno_and_fpr_from_sk (const unsigned char *sn, size_t snlen,
+                                PKT_secret_key *sk);

 /*-- kbnode.c --*/
 KBNODE new_kbnode( PACKET *pkt );
--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -2921,6 +2921,7 @@ generate_raw_key (int algo, unsigned int nbits, u32 created_at,
  PKT_secret_key *sk = NULL;
  int i;
  size_t nskey, npkey;
+  gcry_sexp_t s_parms, s_key;

  npkey = pubkey_get_npkey (algo);
  nskey = pubkey_get_nskey (algo);
@ -3613,8 +3614,8 @@ gen_card_key (int algo, int keyno, int is_primary,
  if ( !info.n || !info.e )
    {
      log_error ("communication error with SCD\n");
-      mpi_free (info.n);
-      mpi_free (info.e);
+      gcry_mpi_release (info.n);
+      gcry_mpi_release (info.e);
      return gpg_error (GPG_ERR_GENERAL);
    }
  
@ -3672,7 +3673,7 @@ gen_card_key_with_backup (int algo, int keyno, int is_primary,
  int rc;
  const char *s;
  PACKET *pkt;
-  PKT_secret_key *sk, *sk_unprotected, *sk_protected;
+  PKT_secret_key *sk, *sk_unprotected = NULL, *sk_protected = NULL;
  PKT_public_key *pk;
  size_t n;
  int i;
@ -3697,7 +3698,7 @@ gen_card_key_with_backup (int algo, int keyno, int is_primary,
  n = pubkey_get_nskey (sk->pubkey_algo);
  for (i=pubkey_get_npkey (sk->pubkey_algo); i < n; i++)
    {
-      mpi_free (sk->skey[i]);
+      gcry_mpi_release (sk->skey[i]);
      sk->skey[i] = NULL;
    }
  i = pubkey_get_npkey (sk->pubkey_algo);
@ -3733,12 +3734,13 @@ gen_card_key_with_backup (int algo, int keyno, int is_primary,
    umask (oldmask);
    if (!fp) 
      {
+        rc = gpg_error_from_errno (errno);
 	log_error (_("can't create backup file `%s': %s\n"),
                   fname, strerror(errno) );
        xfree (fname);
        free_secret_key (sk_unprotected);
        free_secret_key (sk_protected);
-        return G10ERR_OPEN_FILE;
+        return rc;
      }

    pkt = xcalloc (1, sizeof *pkt);
@ -3754,7 +3756,7 @@ gen_card_key_with_backup (int algo, int keyno, int is_primary,
      }
    else
      {
-        byte array[MAX_FINGERPRINT_LEN];
+        unsigned char array[MAX_FINGERPRINT_LEN];
        char *fprbuf, *p;
       
        iobuf_close (fp);
@ -3831,11 +3833,11 @@ save_unprotected_key_to_card (PKT_secret_key *sk, int keyno)
  assert (!sk->is_protected);

  /* Copy the parameters into straight buffers. */
-  rsa_n = mpi_get_secure_buffer (sk->skey[0], &rsa_n_len, NULL);
-  rsa_e = mpi_get_secure_buffer (sk->skey[1], &rsa_e_len, NULL);
-  rsa_p = mpi_get_secure_buffer (sk->skey[3], &rsa_p_len, NULL);
-  rsa_q = mpi_get_secure_buffer (sk->skey[4], &rsa_q_len, NULL);
-  if (!rsa_n || !rsa_e || !rsa_p || !rsa_q)
+  gcry_mpi_aprint (GCRYMPI_FMT_USG, &rsa_n, &rsa_n_len, sk->skey[0]);
+  gcry_mpi_aprint (GCRYMPI_FMT_USG, &rsa_e, &rsa_e_len, sk->skey[1]);
+  gcry_mpi_aprint (GCRYMPI_FMT_USG, &rsa_p, &rsa_p_len, sk->skey[2]);
+  gcry_mpi_aprint (GCRYMPI_FMT_USG, &rsa_q, &rsa_q_len, sk->skey[3]);
+   if (!rsa_n || !rsa_e || !rsa_p || !rsa_q)
    {
      rc = G10ERR_INV_ARG;
      goto leave;
--- a/g10/keyid.c
+++ b/g10/keyid.c
@ -812,3 +812,28 @@ fingerprint_from_sk( PKT_secret_key *sk, byte *array, size_t *ret_len )
  *ret_len = len;
  return array;
 }
+
+
+/* Create a serialno/fpr string from the serial number and the secret
+   key.  Caller must free the returned string.  There is no error
+   return.  */
+char *
+serialno_and_fpr_from_sk (const unsigned char *sn, size_t snlen,
+                          PKT_secret_key *sk)
+{
+  unsigned char fpr[MAX_FINGERPRINT_LEN];
+  size_t fprlen;
+  char *buffer, *p;
+  int i;
+  
+  fingerprint_from_sk (sk, fpr, &fprlen);
+  buffer = p = xmalloc (snlen*2 + 1 + fprlen*2 + 1);
+  for (i=0; i < snlen; i++, p+=2)
+    sprintf (p, "%02X", sn[i]);
+  *p++ = '/';
+  for (i=0; i < fprlen; i++, p+=2)
+    sprintf (p, "%02X", fpr[i]);
+  *p = 0;
+  return buffer;
+}
+
--- a/g10/keyserver.c
+++ b/g10/keyserver.c
@ -941,7 +941,11 @@ direct_uri_map(const char *scheme,unsigned int is_direct)
  return 0;
 }

+#if GNUPG_MAJOR_VERSION == 2
+#define GPGKEYS_PREFIX "gpg2keys_"
+#else
 #define GPGKEYS_PREFIX "gpgkeys_"
+#endif
 #define GPGKEYS_CURL GPGKEYS_PREFIX "curl" EXEEXT
 #define GPGKEYS_PREFIX_LEN (strlen(GPGKEYS_CURL))
 #define KEYSERVER_ARGS_KEEP " -o \"%O\" \"%I\""
--- a/g10/misc.c
+++ b/g10/misc.c
@ -64,6 +64,7 @@
 #include "main.h"
 #include "photoid.h"
 #include "options.h"
+#include "call-agent.h"
 #include "i18n.h"


@ -490,7 +491,9 @@ idea_cipher_warn(int show)
 }
 #endif

-static unsigned long get_signature_count(PKT_secret_key *sk)
+
+static unsigned long 
+get_signature_count (PKT_secret_key *sk)
 {
 #ifdef ENABLE_CARD_SUPPORT
  if(sk && sk->is_protected && sk->protect.s2k.mode==1002)
--- a/g10/pubkey-enc.c
+++ b/g10/pubkey-enc.c
@ -37,6 +37,7 @@
 #include "main.h"
 #include "i18n.h"
 #include "pkglue.h"
+#include "call-agent.h"


 static int get_it( PKT_pubkey_enc *k,